FAQ (Linux)

FAQ (Linux)

The information provided is mainly meant to address issues in Linux as it is the most commonly used server OS to run JET.

Note that everything is based on Ubuntu OS. If other Linux OS is used, there will be differences in the commands used and the paths shown.

If you have issues in Windows Server OS, please feel free to contact us. We will update the information accordingly once we confirmed.

Table of Contents

How to hide server default page or the root directory from the root of your website?

By default, the root of your website will show the server default page or the root directory. We would want to hide this from the normal users.

Step 1: Run the following commands:

				
					$ sudo a2enmod rewrite
$ sudo systemctl restart apache2

				
			

Step 2: Edit the default config file:

If you wish to edit files from the graphical interface, add the following lines to the config file, which can be found at

/etc/apache2/sites-enabled/000-default.conf

				
					<VirtualHost *:80>
Redirect permanent / https://www.yourdomain.com/
RedirectMatch ^/$ /JET/
</VirtualHost>
<VirtualHost *:443>
RedirectMatch ^/$ /JET/
</VirtualHost>

				
			

If you wish to edit files from the shell, follow the below steps:

    Step 2.1: Open the default config file in vi

				
					$ sudo vi /etc/apache2/sites-enabled/000-default.conf
				
			

    Step 2.2: Add the below lines into this file

        1. Press the key “i” on your keyboard to enter edit/insert mode on vi.

        2. Insert the below text to the file:

				
					<VirtualHost *:80>
Redirect permanent / https://www.yourdomain.com/
RedirectMatch ^/$ /JET/
</VirtualHost>
<VirtualHost *:443>
RedirectMatch ^/$ /JET/
</VirtualHost>

				
			

    Step 2.3: Save the file and quit vi

        1. Press the “Esc” key on your keyboard to exit edit/insert mode on vi.

        2. Type “:wq” to write the changes to the config file and quit.

 

How to ensure that the URL is not case sensitive?

For example, https://www.url.com/TEST should be the same as https://www.url.com/tesT and https://www.url.com/test.

Step 1: Edit the config file:

If you wish to edit files from the graphical interface, add the following lines to the config file, which can be found at

/etc/apache2/apache2.conf

				
					LoadModule speling_module /usr/lib/apache2/modules/mod_speling.so
<IfModule mod_speling.c>
CheckSpelling On
CheckCaseOnly On
</IfModule>
				
			

If you wish to edit files from the shell, follow the below steps:

    Step 1.1: Open the default config file in vi

				
					$ sudo vi /etc/apache2/apache2.conf
				
			

    Step 1.2: Add the below lines into this file

        1. Press the key “i” on your keyboard to enter edit/insert mode on vi.

        2. Insert the below text to the file:

				
					LoadModule speling_module /usr/lib/apache2/modules/mod_speling.so
<IfModule mod_speling.c>
CheckSpelling On
CheckCaseOnly On
</IfModule>
				
			

    Step 1.3: Save the file and quit vi

        1. Press the “Esc” key on your keyboard to exit edit/insert mode on vi.

        2. Type “:wq” to write the changes to the config file and quit.

Step 2: Restart the apache services

				
					$ sudo service apache2 reload
				
			

How to setup auto OS updates in Linux?

Step 1: Create an account at https://ubuntu.com

Step 2: Copy and save the token from https://ubuntu.com/pro/dashboard

Step 3: Run the following commands on the server.

				
					1. sudo snap remove canonical-livepatch
2. sudo snap install canonical-livepatch
3. sudo apt update
4. sudo apt install ubuntu-advantage-tools
5. sudo ua attach <token>
				
			

Replace <token> with the token copied in Step 2.

After this is completed, your Linux server will automatically install essential updates in the background which will take effect the next time you restart the server.

How to enable crontab in linux?

What is crontab? Click here to find out.

Step 1: Open the crontab file to edit

				
					$ sudo crontab -e
				
			

This will open the crontab file with the default editor vi

Step 2: Edit this file:

    Step 2.1: Enter Edit/Insert mode on vi

        1. Press the key “i” on your keyboard to enter edit/insert mode on vi.

        2. Add the below line to the file:

				
					* * * * * php -f /var/www/html/JET/scheduler.php
				
			

    Step 2.2: Save the file and quit vi

        1. Press the “Esc” key on your keyboard to exit edit/insert mode on vi.

        2. Type “:wq” to write the changes to the crontab file and quit.

Step 3: Restart crontab

				
					$ sudo /etc/init.d/cron restart
				
			

How do I make JET more secure in Linux?

Step 1: Open the hosts file in vim

				
					$ sudo vim /etc/hosts.allow

				
			

Step 2: Add the following lines to his file:

				
					sshd:localhost:allow
sshd:192.168.0.:allow
sshd:111.111.111.111:allow
sshd:ALL:deny

				
			

Replace 111.111.111.111 with your own public IP

You can add multiple lines of this to allow more IPs to have access.

Step 3: Restart sshd

				
					$ systemctl restart sshd

				
			

Step 3: Create a new user

For example, we want to create a new user ‘jetuser’

				
					$ sudo adduser jetuser
$ usermod -aG sudo jetuser
				
			

Step 3: Edit the sshd config file

				
					$ sudo vim /etc/ssh/sshd_config
				
			

Update the following line to disable root login:

				
					PermitRootLogin no
				
			

Step 3: Restart sshd

				
					$ systemctl restart sshd
				
			

How do I fix the timeout issue when there is a lot of data?

This can occur if there is a lot of record in the form and you are exporting the form data.

Step 1: Edit the file

				
					$ sudo vim /etc/php/7.2/apache2/php.ini
				
			

Locate the following:

				
					max_input_time = 60
max_execution_time = 60
default_socket_timeout = 60
				
			

Change the numbers from 60 to 3600. This will increase the time given for the timeout to occur.

Step 2: Restart apache

				
					$ sudo systemctl restart apache2
				
			

My OS partition ran out of space! What do I do?

Step 1: Delete files in /var/log/journal

				
					$ sudo journalctl --vacuum-time=3d
				
			

Step 2: Remove update files

				
					$ sudo apt-get autoclean
				
			

Step 3: Remove any unused packages

				
					$ sudo apt autoremove
				
			

My data disk is gone after I restart the server

This can happen if Auto mount was not setup properly or there was a change in config due to cloud hosting updates.

Step 1: Confirm that the data disk is not mounted.

				
					$ sudo df -TH
				
			

Step 2: Check for unmounted disk

				
					$ sudo lsblk
				
			

Step 3: Mount the partition with the disk partition you found in Step 2, for example: /dev/vdb1

				
					$ sudo mount /dev/vdb1 /data
				
			

Step 4: Check for Partition UUID

				
					$ sudo blkid /dev/vdb1
				
			

[root@ecs-test-0001 ~]# blkid /dev/vdb1
/dev/vdb1: UUID=”0b3040e2-1367-4abb-841d-ddb0b92693df” TYPE=”ext4″

Step 5: Update fstab file

				
					$ sudo vim /etc/fstab
				
			

Enter the below line at the end of the file.

UUID=0b3040e2-1367-4abb-841d-ddb0b92693df /data ext4 defaults 0 2

How do I update php/apache

You will need to do this to keep the system up to date and be protected from vulnerabilities

In this example, php 7.4 branch is the latest php version.

Step 1: Add PPA

				
					$ sudo apt install software-properties-common
$ sudo add-apt-repository ppa:ondrej/php
$ sudo add-apt-repository ppa:ondrej/apache2
$ sudo apt update
				
			

Step 2: Install latest php/apache

				
					$ sudo apt install php7.4
$ sudo apt install apache2
				
			

Step 3: Install php Extensions using the following syntax

				
					$ sudo apt install php7.4-extension_name
				
			

Step 4: There are some common php extensions that we can install.

				
					$ sudo apt install php7.4-common php7.4-mysql php7.4-xml php7.4-xmlrpc php7.4-curl php7.4-gd php7.4-imagick php7.4-cli php7.4-dev php7.4-imap php7.4-mbstring php7.4-opcache php7.4-soap php7.4-zip php7.4-intl -y
				
			

Step 5: Restart apache and check the versions to confirm

				
					$ sudo systemctl restart apache2
$ sudo php -v
$ sudo apache2 -v
				
			

Take note that if you have changed some config files, you will have to check through all of those files to ensure that you still retain your customized config.

Apache/PHP version hiding​

When remote requests are sent to your Apache web server, by default, various information such as the php version, is sent along in server-generated documents back to the client.

The following steps would help to hide these information to protect your web server.

Apache:

Step 1: Run the following commands depending on which OS your server is using.

For Debian/Ubuntu systems:

				
					$ sudo vi /etc/apache2/apache2.conf
				
			

For RHEL/CentOS systems

				
					$ sudo vi /etc/httpd/conf/httpd.conf
				
			

Step 2: Add/modify the following lines.

				
					ServerTokens Prod
ServerSignature Off 
				
			

Step 3: Restart the Apache service

				
					$ sudo systemctl restart apache2
				
			

PHP:

Step 1: Edit php.ini

				
					expose_php = off
				
			

How to migrate MYSQL database​

MySQL database is normally located in the System Disk of the Linux partition.

As you use JET, the data will grow and it may exceed the limits of the System Disk partition.
As such, you should move the MySQL database to the data disk.
The below steps is based on Ubuntu Linux servers but it should be more or less the same in other Linux servers as well.
Do adjust for any differences and if you are not sure, you can contact the Cloud provider for further assistance.

Note: It is advisable to do a backup of the database before proceeding with the below. (SQL file backups are recommended)

Step 1: Verify the directory of MySQL database.

				
					$ sudo mysql -u root -p
				
			

Enter the MySQL password.

				
					mysql> select @@datadir;
				
			

The output will determine the MySQL database directory which is usually /var/lib/mysql/

Step 2: Stop MySQL service

				
					$ sudo systemctl stop mysql
				
			

This will stop the service.

				
					$ sudo systemctl status mysql
				
			

This will allow you to confirm the status of the service.

Step 3: Copy MySQL database to another location

				
					$ sudo rsync -av /var/lib/mysql /data/database
				
			

In this case, /data/database folder is where I want to copy to.

Step 4: Rename the old database folder

				
					$ sudo mv /var/lib/mysql /var/lib/mysql.bak
				
			

This will save the backup temporarily until we confirm that the MySQL migration is successful.

Step 5: Point the MySQL service to the new directory.

				
					$ sudo vi /etc/mysql/mysql.conf.d/mysqld.cnf
				
			

Edit this file using vi.

				
					$ datadir=/data/database/mysql
				
			

Locate the “datadir=” line and update it with the new path.

Step 6: Configure AppArmor Access Control Rules

				
					$ sudo vi /etc/mysql/mysql.conf.d/mysqld.cnf
				
			

Edit this file using vi.

				
					alias /var/lib/mysql/ -> /data/database/mysql/
				
			

Add this line and save.

				
					$ sudo systemctl restart apparmor
				
			

Restart AppArmor service.

Step 7: Restart MySQL service

				
					$ sudo mkdir /var/lib/mysql/mysql -p
				
			

Create a dummy folder in place of the default MySQL directory.

				
					$ sudo systemctl start mysql
				
			

Start MySQL service.

				
					$ sudo systemctl status mysql
				
			

Confirm that the service has started.

Step 8: Step 7 may sometimes fail if you took the chance to upgrade MySQL while the service is down.

In this case, you will need to re-initialize your database with this command:

				
					mysql_install_db
				
			

before starting from step 3 again.

Step 9: Verify the directory of MySQL database again.

				
					$ sudo mysql -u root -p
				
			

Enter the MySQL password.

				
					mysql> select @@datadir;
				
			

The output will determine the MySQL database directory which is /data/database/

Step 10: Cleanup of temporary files/folders.

Do this after verifying the data integrity of existing data.

				
					$ sudo rm -Rf /var/lib/mysql.bak
				
			

Remove the old MySQL folder we previously rename.

				
					$ sudo systemctl restart mysql
				
			

Restart the service once more to confirm.

How to install SSL certificate in Linux

Enable SSL in Apache

				
					$ sudo a2enmod ssl
				
			

Update config file

Step 1: Navigate to /etc/apache2/sites-enabled/

Step 2: Edit the file “000-default.conf”

Step 3: Comment out all existing lines inside with a ‘#’

Replace the filepaths shown above with the appropriate path that is used for your linux server.

Step 4: Add the below to the file.

				
					<VirtualHost *:443>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combine
SSLEngine on
SSLCertificateFile /etc/ssl/certificate.crt
SSLCertificateKeyFile /etc/ssl/certificate.key
SSLCertificateChainFile /etc/ssl/chain.crt
</VirtualHost>
				
			

Step 5: Replace the filepaths shown above with the appropriate path that is used for your linux server.

				
					ServerTokens Prod
ServerSignature Off 
				
			

Restart the apache2 service

				
					$ systemctl restart apache2
				
			

Note: The config file mentioned above may differ in different Linux servers.

Update Ciphersuite

Open the config file for apache2

				
					sudo vim /etc/apache2/sites-enabled/000-default.conf
				
			

Insert the following within the VirtualHost 443 section

				
					SSLCipherSuite      ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384;DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
SSLProxyCipherSuite      ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384;DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
SSLProxyProtocol all -SSLv3 -TLSv1 -TLSv1.1
				
			

Restart the apache2 service

				
					$ systemctl restart apache2
				
			

Php.ini config

Open the php.ini file

				
					sudo vim /etc/php/*.*/apache2/php.ini
				
			

Take note that *.* is to be replaced with the php version that the server is currently installed with.

It can be 7.4, 8.0 or 8.1 based on the latest versions of php at this moment.

Update existing lines with the following

				
					1. expose_php = Off
2. max_execution_time = 3600
3. max_input_time = 3600
4. post_max_size = 2000M
5. upload_max_filesize = 2000M
6. default_socket_timeout = 3600
7. session.cache_expire = 3600
8. date.timezone = Asia/Singapore
9. session.cookie_httponly = 1
10. session.use_only_cookies = 1
11. session.cookie_secure = 1
				
			

Note that 2000M and 3600 can be replaced with other values suitable for your server.

These values are picked to provide a longer timeout and larger file upload size.

Restart the apache2 service

				
					$ systemctl restart apache2
				
			

Transfer of files to Linux

Install pscp in windows.

				
					https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html
				
			

We need to install either Putty or just PSCP from the above link.

Once that is done, we can access the ‘pscp’ command from cmd.

PSCP command

				
					pscp file.txt root@192.168.42.1:/var/www/html
				
			
  • file.txt – the file that was to be transferred to linux
  • root – the username of the account to use to transfer to linux
  • 192.168.42.1 – the IP address of the linux machine (to be replaced with your own IP)
  • /var/www/html – the file directory where you want to transfer your file to.

After entering the above command, you will be prompted to enter the password.

Issue that you may encounter on OS major version upgrade

OS upgrade is an overall upgrade of not just the OS but also the various software/services.

MySQL

If you have a second disk drive and had followed our guide to redirect MySQL to that location, you will encounter an issue during OS upgrade.

The OS upgrade will update your MySQL version and it will try to read into the default MySQL directory. It will then generate an error alert when it could not find it.

All we need to do in this case is to restore back the config so that it points to the default directory and we can setup for the second disk drive after the update is completed.

				
					$ vim /etc/mysql/mysql.conf.d/mysqld.cnf
				
			

Edit the file above.

Ensure that the line containing datadir follows the below.

				
					datadir = /var/lib/mysql
				
			

Apache2

During OS upgrade, it will prompt us if we want to replace the edited apache config files with the one from the new version.

As it is a version update, we would want to install the config files of the new version so that we do not miss out anything that may be added due to the new version.

We will then need to update the new config files with our required config.

Php

OS upgrade will always install the latest php with regards to the OS version you are updating to.

JET Workflow currently only works with php version 7.4

So there is a need to change the default running php version to 7.4

				
					$ sudo add-apt-repository -y ppa:ondrej/php
$ sudo apt update
$ sudo apt install php7.4

$ sudo a2dismod php8.1
$ systemctl restart apache2

$ sudo a2enmod php7.4
$ sudo update-alternatives --set php /usr/bin/php7.4
$ sudo update-alternatives --set phar /usr/bin/phar7.4
$ sudo systemctl restart apache2
				
			

In the above, we assume that php 8.1 was installed due to OS upgrade.

If you have other php version installed, you can replace 8.1 with other version numbers.

Binlog files in MySQL taking up space

Sometimes there would be space taken up by MySQL log files.

To get rid of them, access the file below.

				
					$ vim /etc/mysql/mysql.conf.d/mysqld.cnf
				
			

Add the below line to the end of the file.

				
					binlog_expire_logs_seconds=3600
				
			

Restart MySQL service

				
					$ Systemctl restart MySQL
				
			

How to open Firewall Ports

To get the whole thing to work, the http/https ports on the firewall should be open.

Depending on which firewall software your OS is installed with, the steps are different.

Firewalld
				
					sudo firewall-cmd --zone=work --add-port=443/tcp --permanent
sudo firewall-cmd --zone=work --add-port=80/tcp --permanent
sudo firewall-cmd --reload
				
			
UFW
				
					sudo ufw allow 80/tcp
sudo ufw allow 443/tcp
sudo ufw reload
				
			
Suggest Edit
×

Hello!

Click one of our representatives below to chat on WhatsApp or send an email to sales@jetworkflow.com

× How can I help you?